lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity
archy/docs/CONTAINER_LIFECYCLE_HANDOFF.md
archipelago c0751e2551 chore(release): stage v1.7.54-alpha
2026-05-06 09:23:57 -04:00

78 KiB
Raw Blame History

Container Lifecycle Handoff

Last updated: 2026-05-06

Resume Prompt

Resume Archipelago lifecycle testing from /home/archipelago/Projects/archy. Read docs/CONTAINER_LIFECYCLE_HANDOFF.md first. Preserve data unless explicitly told otherwise. Do not revert unrelated dirty worktree changes. Keep untracked docs/CONTAINER_LIFECYCLE_HANDOFF.md and docs/CHAT_TRANSCRIPT_2026-05-02.md.

Current focus: multi-node non-destructive hardening across .228, .116, and .67. .228 was live-repaired and verified for dashboard, Bitcoin UI, LND UI, Immich, and authenticated Bitcoin RPC. .116 was live-repaired for stale Bitcoin Knots command drift, Grafana rootless ownership, nginx /bitcoin-status proxying, and stale LND UI companion image/unit drift; focused non-destructive lifecycle audit now passes for bitcoin-knots,lnd,btcpay-server,mempool,grafana. v1.7.54-alpha release artifacts were regenerated from current source and verified to carry runtime payload fixes. .67 remains unreachable from this workspace despite confirmed credentials archipelago/archipelago.

Durable fixes implemented locally: Bitcoin container entrypoint/cmd drift recreation, Grafana data_uid/rootless ownership repair, Immich Postgres 2g memory, IndeedHub boot/start Nostr provider reapply, Apps loading/launch readiness UI fixes, nginx /bitcoin-status backend proxy repair, and LND UI 18083 companion/spec drift repair.

Latest deployed backend checksum on `.116` after live deploy: `c6c7830f14dc80b0e22d803997ad3df31c9ab3d4b08829b3bddc1b03ce77bd0a`. Latest live verification: nginx `/bitcoin-status` returns JSON, LND UI `http://127.0.0.1:18083/` returns HTTP 200 from `localhost/lnd-ui:local`, runtime payload scripts and promoted `/opt/archipelago/scripts` both carry `18083`, and focused non-destructive lifecycle audit passed for `bitcoin-knots,lnd,btcpay-server,mempool,grafana`. Next action: publish/tag v1.7.54-alpha if approved, then continue to `.228` deploy or `.67` reachability.

Regenerated release artifacts:
- `releases/v1.7.54-alpha/archipelago`: `77e3a236a6196a5ab9ec2411b150490e78ffc95ea6ab8eb34ab29b3df53cd632`
- `releases/v1.7.54-alpha/archipelago-frontend-1.7.54-alpha.tar.gz`: `a010ac43a2dd02f528202cb2f7b99b61ceab80adc6827877594e41df4ea951fb`
- `releases/manifest.json` and `release-manifest.json`: `0fb73c808ef87c1535c5e5f560ea331bacaded86c8c81abd5cdd2893a0415b6f`
- Unbundled ISO: `image-recipe/results/archipelago-installer-1.7.54-alpha-unbundled-x86_64.iso`, sha256 `9828b244e6ffdd5f1b1d5184c1b22bef7474b32078b1ceb4ec3584d9bdb6775b`, size `2.3G`.

2026-05-06 Resume Checkpoint

  • Goal: make container lifecycle and health recovery durable for every install and existing Archipelago server, while preserving app data.
  • .228 state:
    • SSH key auth still fails, but password SSH works with password archipelago.
    • Quarantined stale Quadlet blocker ~/.config/containers/systemd/bitcoin-core.container.disabled-20260506.
    • Started companion Bitcoin/LND UI services; external ports 8334 and 18083 return HTTP 200.
    • Recreated stale bitcoin-knots container record only, preserving /var/lib/archipelago/bitcoin and BITCOIN_RPC_PASS; authenticated local RPC works.
    • Diagnosed Immich reset loop as immich_postgres memory cap 512MiB; raised live cap to 2g/4g swap and made it persistent in code.
    • Final external checks passed: dashboard 200, Bitcoin UI 200, LND UI 200, Immich 200, Bitcoin RPC unauthenticated 405 expected.
  • .116 state:
    • Removed stale update override /etc/systemd/system/archipelago.service.d/update-url.conf.
    • Valid RPC/password auth is archipelago; password123 failed.
    • Recreated stale bitcoin-knots preserving data and RPC password; direct authenticated RPC works.
    • Fixed Grafana with podman unshare chown -R 472:472 /var/lib/archipelago/grafana; Grafana health returns 200.
    • Deployed locally built fixed backend to /usr/local/bin/archipelago; previous binary was backed up and service restarted.
    • Backend deploy checksum now c6c7830f14dc80b0e22d803997ad3df31c9ab3d4b08829b3bddc1b03ce77bd0a.
    • Repaired active nginx config and canonical config so curl http://127.0.0.1/bitcoin-status returns JSON instead of SPA HTML.
    • Repaired LND UI companion drift: generated quadlet was using stale localhost/lnd-ui:latest, whose nginx listened on container port 8081 while the unit mapped 18083:80. Updated the live unit to use localhost/lnd-ui:local; http://127.0.0.1:18083/ returns HTTP 200 and survives systemctl --user restart archy-lnd-ui.service.
    • Focused non-destructive lifecycle audit passed: ARCHY_HOST=192.168.1.116 ARCHY_SCHEME=http ARCHY_PASSWORD=archipelago ARCHY_APPS=bitcoin-knots,lnd,btcpay-server,mempool,grafana ARCHY_STABILITY_SECONDS=5 ARCHY_TIMEOUT=300 tests/lifecycle/remote-lifecycle.sh.
    • Deployed newest local backend and script fixes live to .116, restarted Archipelago twice, and re-ran the focused non-destructive audit successfully. Important release/OTA note: startup promoted stale /opt/archipelago/web-ui/archipelago-runtime/scripts over /opt/archipelago/scripts once; after refreshing the runtime payload scripts too, restart preserved 18083 everywhere.
    • Recent Bitcoin/ElectrumX status warnings appear transient during Bitcoin IBD/UTXO flushes. Live /bitcoin-status is ok=true, stale=false; ElectrumX reports waiting because it is indexed beyond the local Bitcoin node and is waiting for Bitcoin catch-up.
  • .67 state:
    • User confirmed credentials archipelago/archipelago.
    • This workspace cannot reach it: SSH No route to host, HTTP 000, ping 100% loss, neighbor incomplete/failed.
    • IndeedHub reboot/Nostr signing fix still needs live verification from a host that can reach .67.
  • Local durable fixes in progress/done:
    • Bitcoin/Grafana/Immich/IndeedHub backend fixes are implemented locally.
    • UI loading/launch readiness fixes are implemented locally.
    • Nginx canonical config now includes /bitcoin-status proxy next to /electrs-status.
    • Startup bootstrap now patches older nginx configs that are missing /bitcoin-status and still patches /api/app-catalog when needed. It handles both sites-available/archipelago and copied sites-enabled/archipelago layouts.
    • LND UI companion/spec drift is fixed locally: first-boot/container specs now use host 18083, and companion reconcile now rewrites stale quadlet units/images instead of only checking active state.
    • Release packaging now includes image-recipe/configs/nginx-archipelago.conf in the OTA runtime payload and strips __pycache__, .pyc, .bak, .bak-*, and logs from runtime assets.
    • Regenerated v1.7.54-alpha frontend tarball was explicitly verified to contain LND UI 18083, LND UI container nginx listen 80, and /bitcoin-status nginx blocks; no pycache/pyc/bak junk remains.
    • ISO builder now configures both 146.59.87.168:3000 and git.tx1138.com as insecure for Podman and passes --tls-verify=false for primary HTTP registry pulls. The unbundled ISO now successfully pulls and saves filebrowser.tar instead of warning that Cloud/File Browser will be missing.
    • ISO output filenames now include the release version and alpha suffix, e.g. archipelago-installer-1.7.54-alpha-unbundled-x86_64.iso.
  • Verification already passed before latest nginx change:
    • cargo fmt
    • cargo check -p archipelago --bin archipelago
    • cargo build -p archipelago --bin archipelago --release
    • bash -n scripts/first-boot-containers.sh
    • bash -n image-recipe/build-debian-iso.sh image-recipe/archipelago-scripts/install-to-disk.sh image-recipe/write-usb-dd.sh image-recipe/create-fat32-usb.sh image-recipe/_archived/build-auto-installer-iso.sh scripts/create-release-manifest.sh scripts/container-specs.sh scripts/first-boot-containers.sh scripts/self-update.sh
    • cd neode-ui && npm run build
    • cd neode-ui && npm run type-check
    • cd neode-ui && npm test -- appsConfig.test.ts appLauncher.test.ts --run
    • scripts/check-release-manifest.sh
    • sudo -n env UNBUNDLED=1 BUILD_FROM_SOURCE=1 bash build-debian-iso.sh from image-recipe/ passed and produced the v1.7.54-alpha unbundled ISO.
  • Next steps:
    • Re-check .116 Archipelago logs for Bitcoin status: RPC failure: getblockchaininfo after Bitcoin IBD/UTXO flushing calms down.
    • Deploy the fixed backend to .228 if desired so durable repairs run there too.
    • Optional next gate: run a full bundled/core-image ISO build if you need offline app images. The prior File Browser HTTP registry blocker is fixed for the builder path.
    • Verify IndeedHub on .67 only from a reachable network path.

2026-05-05 Botfights, Gitea, Icons

2026-05-06 Multi-Node Non-Destructive Audit

2026-05-06 .228 Live Repair

  • Access notes:

    • SSH key auth to .228 still fails, but password SSH works with password archipelago.
    • Dashboard/RPC health reports version=1.7.53-alpha.

  • Companion UI repair:

    • Root cause: a stale rootless Quadlet unit at ~/.config/containers/systemd/bitcoin-core.container blocked user Quadlet generation, so archy-bitcoin-ui.service and archy-lnd-ui.service were missing even though their .container files existed.
    • Quarantined only the stale blocker: ~/.config/containers/systemd/bitcoin-core.container.disabled-20260506.
    • Ran user daemon reload and started generated companion services.
    • Final verification: archy-bitcoin-ui.service and archy-lnd-ui.service are active; external http://192.168.1.228:8334/ and http://192.168.1.228:18083/ both return HTTP 200.

  • Bitcoin Knots repair:

    • Root cause: existing bitcoin-knots container record was stale and still launched exec bitcoind; current image only provides /opt/bitcoin-29.3.knots20260210/bin/bitcoind on PATH/fallback.
    • Removed and recreated only the bitcoin-knots container record, preserving /var/lib/archipelago/bitcoin and the existing BITCOIN_RPC_PASS.
    • New command matches the deployed manifest fallback: resolve command -v bitcoind, then search /opt -path '*/bin/bitcoind'.
    • Final verification: container is running, ports 8332/8333 are listening, authenticated local RPC getblockchaininfo works, and the node is in initial block/header sync.

  • Immich repair:

    • Root cause: immich_postgres was capped at 512MiB; during Immich v2.7.4 reverse-geocoding geodata import, Postgres child processes were SIGKILLed while bulk inserting into geodata_places, forcing DB recovery and causing immich_server to reset connections on 2283.
    • Raised only the Postgres container memory limit with podman update --memory=2g --memory-swap=4g immich_postgres, then restarted immich_postgres and immich_server; preserved /var/lib/archipelago/immich-db and /var/lib/archipelago/immich.
    • Final logs showed Successfully imported 224210 geodata records, Initialized local reverse geocoder, and both Immich API/microservices successfully started.
    • Final external verification: http://192.168.1.228:2283/ returns HTTP 200.

  • Final .228 external status after repair:

    • Dashboard http://192.168.1.228/: HTTP 200.
    • Bitcoin UI http://192.168.1.228:8334/: HTTP 200.
    • LND UI http://192.168.1.228:18083/: HTTP 200.
    • Immich http://192.168.1.228:2283/: HTTP 200.
    • Bitcoin RPC no-auth probe http://192.168.1.228:8332/: HTTP 405, expected for reachable RPC without credentials.

  • Still outstanding from this audit:

    • .116 has the same stale Bitcoin Knots container-command symptom but RPC password password123 fails; do not repair until valid auth/SSH access is confirmed.
    • .67 remains unreachable from this machine even with confirmed credentials archipelago/archipelago: SSH reports No route to host, HTTP probes return 000, local route is via wlp3s0 from 192.168.1.116, and ping has 100% packet loss. IndeedHub reboot behavior still needs diagnosis from a host that can reach .67.
    • The .228 ad-hoc Immich Postgres memory repair was made persistent locally after the live fix: install_immich_stack now creates immich_postgres with --memory=2g, and get_memory_limit("immich_postgres") returns 2g. Verification passed with cargo fmt and cargo check -p archipelago --bin archipelago.

  • IndeedHub reboot/Nostr signing root cause and local fix:

    • User confirmed IndeedHub works after a manual restart, but after server boot it fails to come back correctly and forgets the Nostr signing/provider behavior.
    • Root cause in code: ProdContainerOrchestrator::ensure_running_with_mode returned stack-managed immediately for indeedhub, so the boot reconciler never started/repaired the installed stack and never reapplied the imperative frontend nginx/Nostr-provider mutation.
    • Additional gap: package start/restart repaired IndeedHub network aliases but did not reapply nostr-provider.js / nginx patch after the frontend container was started.
    • Local fix: boot reconcile now handles an existing IndeedHub stack without fresh-installing the single manifest: starts backend containers, starts frontend if stopped/exited/created, repairs network aliases, reapplies the Nostr provider/nginx patch, and restarts the frontend if host port 7778 is not listening.
    • Local fix: package start/restart now reapplies the IndeedHub Nostr provider patch whenever indeedhub is in the started/restarted set.
    • Verification passed locally with cargo fmt and cargo check -p archipelago --bin archipelago.
    • Not live-verified on .67 because this workspace still cannot reach .67; deploy the backend build to a reachable test node or run from a host that can reach .67, then reboot and confirm http://<node>:7778/ plus Nostr signing in the iframe.

  • Bitcoin/Grafana permanent repair notes:

    • .116 showed Unable to connect to Bitcoin node because bitcoin-knots had the same stale container command as .228: existing container record still executed bare bitcoind, but the current image only has /opt/bitcoin-29.3.knots20260210/bin/bitcoind discoverable via PATH/fallback.
    • Local permanent fix: ProdContainerOrchestrator::container_env_drifted now also checks entrypoint/cmd drift against the current manifest. Existing stale containers whose command no longer matches the deployed manifest are removed/recreated by boot reconcile/start/install flows, preserving bind-mounted data.
    • .116 Grafana served /api/health but logs showed GF_PATHS_DATA='/var/lib/grafana' is not writable and repeated attempt to write a readonly database; live data ownership had mixed rootless mapped owners.
    • Local permanent fix: apps/grafana/manifest.yml now declares data_uid: "472:472", and Grafana start/reconcile paths repair /var/lib/archipelago/grafana ownership before start/restart. This makes fresh installs and already-installed nodes self-heal instead of relying on manual chown.
    • Verification passed with cargo fmt and cargo check -p archipelago --bin archipelago.

  • Current local branch state during audit:

    • main is 31 commits ahead of tx1138/main.
    • Tracked worktree is clean.
    • Untracked docs: docs/CONTAINER_LIFECYCLE_HANDOFF.md and docs/CHAT_TRANSCRIPT_2026-05-02.md.

  • Connectivity and service health:

    • .198: SSH reachable with /home/archipelago/.ssh/id_ed25519; archipelago.service active; local health returns status=ok, version=1.7.53-alpha.
    • .116: SSH reachable with /home/archipelago/.ssh/id_ed25519; archipelago.service active; local health returns status=ok, version=1.7.51-alpha.
    • .228: SSH still blocked with Permission denied (publickey,password); dashboard/RPC is reachable over HTTP/HTTPS.

  • Broad non-destructive lifecycle audit results:

    • .198 passed cleanly: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_STABILITY_SECONDS=5 ARCHY_TIMEOUT=180 tests/lifecycle/remote-lifecycle.sh.
    • .228 failed two checks with RPC-only audit: Bitcoin Knots UI direct port http://192.168.1.228:8334/ returned status=000, and LND UI direct port http://192.168.1.228:18083/ returned status=000. Dashboard itself returns HTTP 200. SSH-level diagnosis is blocked until credentials/key access are fixed.
    • .116 audit did not complete within 15 minutes and showed degraded state: container-health returned unknown for bitcoin-knots, btcpay-server, and lnd; LND direct port http://192.168.1.116:18083/ returned status=000. Direct probes showed dashboard HTTP 200, Bitcoin UI http://192.168.1.116:8334/ HTTP 200, old LND UI http://192.168.1.116:8081/ HTTP 200, BTCPay http://192.168.1.116:23000/ HTTP 302, and Mempool http://192.168.1.116:4080/ HTTP 200.

  • .116 live diagnostics:

    • Deployed backend checksum: f761e659d661f0a83cd3a67a086bb2279398bc05e50ee3c52e769e52d11e476c.
    • Service has ARCHIPELAGO_DEV_MODE=true override and ARCHIPELAGO_UPDATE_URL=http://192.168.1.116:3000/lfg2025/archy/raw/branch/main/releases/manifest.json.
    • archy-lnd-ui is still mapped to 0.0.0.0:8081->80/tcp, while the current lifecycle harness expects LND UI on 18083; treat .116 as stale relative to the current LND port migration.
    • lnd is Up ... (unhealthy) on 8080, 9735, and 10009.
    • btcpay-server is Up ... (unhealthy) on 23000.
    • bitcoin-knots is Up ... (reset) and backend logs show repeated Bitcoin RPC failures for getblockchaininfo.
    • Backend logs show ElectrumX status also failing Bitcoin RPC.

  • .198 live diagnostics:

    • Deployed backend checksum observed during this audit: 86cf408ed84c7a7a72d1b5529aa97561dd02db38aab57c523999d1f5e7bf48b7.

  • Local smoke verification passed:

    • cargo check -p archipelago --bin archipelago from core/.
    • npm run type-check from neode-ui/.
    • npm test -- appsConfig.test.ts appLauncher.test.ts --run from neode-ui/ (27 passed).

  • Next focused actions:

    • Fix .228 SSH access first if deeper runtime diagnosis is required; RPC-only audit already identifies closed/unreachable direct app ports 8334 and 18083.
    • Bring .116 forward to the current deployed release/runtime expectations before treating lifecycle failures as fresh regressions. It is on 1.7.51-alpha, has dev-mode/update-url overrides, and still launches LND UI on legacy port 8081.
    • After .116 is updated, rerun focused non-destructive checks for bitcoin-knots, lnd, btcpay-server, mempool, and ElectrumX/Bitcoin RPC status before a full broad audit.

2026-05-05 Tailscale And Grafana Recheck

2026-05-05 Release v1.7.52-alpha Staging

  • Release target corrected to 1.7.52-alpha.
  • Version bumped locally in:
    • core/archipelago/Cargo.toml
    • core/Cargo.lock
    • neode-ui/package.json
    • neode-ui/package-lock.json
  • .52 release notes added to CHANGELOG.md.
  • Debian 13/Trixie security mitigation added for rebuilt media:
    • _archived/build-auto-installer-iso.sh now runs apt-get -y full-upgrade after enabling Debian/Trixie security repositories during rootfs, Tailscale, FIPS, and installer environment creation.
    • image-recipe/archipelago-scripts/install-to-disk.sh now runs apt-get -y full-upgrade after writing trixie-security sources and before installing kernel/bootloader/packages.
    • This does not retroactively patch already-built ISOs; .52 media must be rebuilt.
  • Active ISO command restored:
    • Added image-recipe/build-debian-iso.sh wrapper around the archived builder so documented ISO commands no longer point at a missing script.
    • USB helper scripts now default to results/archipelago-installer-x86_64.iso / unbundled fallback and allow ARCHIPELAGO_ISO=/path/to.iso.
  • .52 release artifacts staged:
    • releases/v1.7.52-alpha/archipelago
    • releases/v1.7.52-alpha/archipelago-frontend-1.7.52-alpha.tar.gz
    • releases/manifest.json
    • release-manifest.json
  • Manifest validation passed: scripts/check-release-manifest.sh.
  • Frontend dependency audit:
    • Ran npm audit fix, removing the critical protobufjs advisory and high advisories.
    • Remaining audit finding is moderate uuid <14 via dockerode; npm audit fix --force would upgrade to breaking dockerode@5.0.0, so this was not forced during release staging.
  • Final verification passed:
    • cargo build -p archipelago --bin archipelago --release with existing reconcile_all dead-code warning.
    • cargo check -p archipelago --bin archipelago with same warning.
    • cd neode-ui && npm run build.
    • cd neode-ui && npm run type-check && npm test -- appsConfig.test.ts appLauncher.test.ts --run.
    • bash -n image-recipe/build-debian-iso.sh image-recipe/archipelago-scripts/install-to-disk.sh image-recipe/write-usb-dd.sh image-recipe/create-fat32-usb.sh image-recipe/_archived/build-auto-installer-iso.sh.
    • npm audit --audit-level=high reports only moderate findings and exits with the remaining moderate dockerode/uuid issue.
  • Not yet done in this pass:
    • Full bundled ISO build was not run; unbundled ISO build passed.
    • .52 release artifacts were staged locally but not committed, tagged, or pushed.
    • No git commit was created.

2026-05-05 Warning Fix And ISO Build

  • Removed the reconcile_all dead-code warning by making the install-missing reconcile helper test-only with #[cfg(test)]; production uses reconcile_existing.

  • Verification now passes without Rust warnings:

    • cargo check -p archipelago --bin archipelago
    • cargo build -p archipelago --bin archipelago --release

  • Refreshed .52 backend artifact and manifests after the warning fix:

    • scripts/check-release-manifest.sh passes.
    • Backend sha256: fc47c3bc42f67472252cb854bb03e200a92929ab38aeac519422704486af18d4.
    • Frontend tarball sha256: 329e57a0491e91966afcd5a82f5c00920657695b01ecc6c9e99c6814b44abf29.

  • Built unbundled .52 Debian ISO:

    • Command: sudo -n env UNBUNDLED=1 BUILD_FROM_SOURCE=1 bash image-recipe/build-debian-iso.sh from image-recipe/.
    • Output: image-recipe/results/archipelago-installer-unbundled-x86_64.iso.
    • Size: 2.3G.
    • sha256: 547ba5dcd0ad61aeaa52ce0beaff4f447e2ab2c59bf6b1fa127529606fe0209d.

  • ISO build note:

    • The unbundled ISO completed successfully.
    • Optional File Browser core image pull failed during Step 3b because 146.59.87.168:3000 answered HTTP while Podman tried HTTPS: server gave HTTP response to HTTPS client.
    • This was non-fatal for unbundled media; Cloud/File Browser may need post-install Marketplace download unless registry TLS/insecure registry config is corrected before a bundled/core-image ISO.

  • Backend build deployed to .198: eb539aaa11b32776888be1b23b90c9c0c78b46d8a86dc55ccce7f5b15bbda16e.

  • Tailscale is now qualified:

    • Root cause: container command started tailscale web before tailscaled, so the web UI exited because /var/run/tailscale/tailscaled.sock did not exist yet.
    • Fixed backend config and first-boot script to start tailscaled --tun=userspace-networking first, then bind tailscale web --listen 0.0.0.0:8240.
    • Removed only the stale tailscale container on .198; preserved /var/lib/archipelago/tailscale.
    • Full preserve-data lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=tailscale ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Frontend launch now opens local app port http://<host>:8240/ instead of the external Tailscale admin site.
    • Browser launch passed: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=tailscale ARCHY_APP_TITLE=Tailscale ARCHY_APP_CARD_TITLE=Tailscale ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:8240/ ARCHY_EXPECTED_LAUNCH_MODE=popup ARCHY_EXPECTED_BODY_PATTERN='Tailscale|Connect|Login|Sign|Authorize|Machines|Admin|Tailnet|VPN' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.

  • Grafana regression was found during broad audit:

    • RPC/container state was running, but direct launch failed on http://192.168.1.198:3000/ with status=000; Podman reported a port mapping while ss had no host listener.
    • Extended existing host-port listener repair to include Grafana port 3000 on install/adoption/start/restart paths.
    • Full Grafana lifecycle passed after repair, then focused Grafana audit passed.

  • Broad .198 audit passed after Tailscale and Grafana repairs:

    • Command: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_STABILITY_SECONDS=5 ARCHY_TIMEOUT=300 tests/lifecycle/remote-lifecycle.sh.
    • Running apps included tailscale, grafana, and the previously qualified app set.
    • Absent and tolerated: ollama, photoprism, electrumx, dwn.

  • Local verification passed:

    • cargo fmt
    • cargo build -p archipelago --bin archipelago --release with existing reconcile_all dead-code warning.
    • cargo check -p archipelago --bin archipelago with same warning.
    • bash -n scripts/first-boot-containers.sh
    • cd neode-ui && npm run build
    • cd neode-ui && npm run type-check
    • cd neode-ui && npm test -- appsConfig.test.ts appLauncher.test.ts --run

  • Backend build deployed to .198: 4b92ecea7d0a988c4ebe814b47f49f00277867d5f1eb0dca2cb1cd906b536fe6.

  • Gitea regression re-tested and repaired after later launch failure:

    • Failure reproduced during full lifecycle after restart: launch failed: gitea http://192.168.1.198:3001/ status=000 bytes=0.
    • Live diagnosis: Gitea was healthy internally on container port 3000 and ROOT_URL was correct, but Podman's rootless pasta host listener on :3001 accepted no traffic.
    • Changed Gitea install networking in core/archipelago/src/api/rpc/package/install.rs to --network=slirp4netns:allow_host_loopback=true, matching the Uptime Kuma rootless listener repair path.
    • Backend build deployed to .198: 9db6c192c2e633c4648fafc0372ea0f3cb0749aacc5396bb12f7710c8bac4aa7.
    • Full preserve-data lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=gitea ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Direct check passed: http://192.168.1.198:3001/ returned HTTP 200; final container inspect showed network=slirp4netns and rootlessport listening on :3001.

  • Botfights is qualified:

    • Initial failure was stale pasta.avx2 listener on host port 9100; no Botfights container owned it.
    • Killed stale pid 211879 and reran full lifecycle.
    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=botfights ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.

  • Gitea is qualified:

    • User-visible launch error was broken asset root: Gitea generated /app/gitea/assets/... URLs while the UI/lifecycle launched direct port http://192.168.1.198:3001/.
    • Fixed backend post-install hook in core/archipelago/src/api/rpc/package/install.rs to set ROOT_URL = http://<host>:3001/ instead of /app/gitea/.
    • Added install/start/restart stale listener cleanup and host-port verification for Gitea host ports 3001, 2222, and legacy stale 3000.
    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=gitea ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.

  • Icons updated locally:

    • Replacement files found at /home/archipelago/immich.png, /home/archipelago/electrumx.png, and /home/archipelago/grafana.png.
    • Replaced neode-ui/public/assets/img/app-icons/immich.png, neode-ui/public/assets/img/app-icons/grafana.png, and neode-ui/public/assets/img/grafana.png.
    • Added neode-ui/public/assets/img/app-icons/electrumx.png and updated catalog/curated/marketplace references from .webp to .png.
    • Installed Gitea icon now falls back to existing /assets/img/app-icons/gitea.svg instead of nonexistent /assets/img/app-icons/gitea.png.
    • AppHeroSection.vue now uses resolveAppIcon() so app details uses the same fallback behavior.
    • Verification passed: npm test -- appsConfig.test.ts --run.

2026-05-05 Nextcloud, Uptime Kuma, ElectrumX Warning

  • Backend build deployed to .198: 1796cccd44e7d8f34b495b2dc04bc933d85a32c8c77cee31800653cc5f7b05d0.
  • Nextcloud live 403 Forbidden was caused by unreadable Apache/PHP entry files inside the container:
    • .htaccess, index.php, and status.php were 0600 root:root.
    • Added targeted Nextcloud permission repair in core/archipelago/src/api/rpc/package/install.rs instead of broad recursive ownership/mode changes.
    • Manually repaired live container file modes and restarted Nextcloud.
    • Retested http://192.168.1.198:8085/status.php and http://192.168.1.198:8085/; both returned HTTP/1.1 200 OK.
  • Uptime Kuma root cause was rootless host port listener instability:
    • The app was healthy internally on 127.0.0.1:3001 and returned 302 /dashboard, while the host 3002 listener was missing despite Podman showing a mapping.
    • Changed Uptime Kuma install networking in core/archipelago/src/api/rpc/package/install.rs to --network=slirp4netns:allow_host_loopback=true.
    • Ran cargo fmt, cargo check -p archipelago --bin archipelago, and cargo build -p archipelago --bin archipelago --release successfully before deploy.
    • Recreated Uptime Kuma through local backend RPC on .198 with preserve-data uninstall/reinstall; preserved /var/lib/archipelago/uptime-kuma.
    • Retested http://192.168.1.198:3002/; final response was HTTP/1.1 302 Found with Location: /dashboard.
  • ElectrumX archival-node UI warning implemented in neode-ui:
    • Marketplace.vue, MarketplaceAppDetails.vue, and Discover.vue fetch /bitcoin-status and only block ElectrumX/electrs/mempool-electrs installs when blockchain_info.pruned === true.
    • Failed or unavailable prune-status fetches remain fail-safe and do not block install attempts.
    • Warning text shown via toast/error paths: You need a full archival bitcoin node before downloading ElectrumX.
    • MarketplaceAppCard.vue blocked warning button is clickable so the toast path can display the popup text instead of silently disabling the button.
    • Frontend verification passed: npm run type-check from neode-ui.
  • Icon replacement remains blocked:
    • Searched likely upload locations and repo icon paths; no replacement icon files were found.
    • Existing icon directory is neode-ui/public/assets/img/app-icons/.
    • Continue once the actual replacement files/path are provided.

2026-05-04 Testing Continuation

  • SearXNG rootless listener fix deployed and qualified after reconnection:

    • Backend build deployed to .198: 0773e8719cfd1099ffeae27d9f046749353ebb7fa795c36097b674bd54c28820.
    • Root cause: the new-container install path repaired a missing rootless pasta host listener on port 8888, but the legacy "container already exists, adopt it" path could return success without the same repair. This left Podman reporting 0.0.0.0:8888->8080/tcp while ss showed no listener and launch probes returned 000.
    • Code fix: core/archipelago/src/api/rpc/package/install.rs now calls ensure_host_port_listener(package_id, package_id) before returning success from the existing-container adoption path.
    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=searxng ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=180 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser launch passed in panel mode: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=searxng ARCHY_APP_TITLE=SearXNG ARCHY_APP_CARD_TITLE=SearXNG ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:8888/ ARCHY_EXPECTED_LAUNCH_MODE=panel ARCHY_EXPECTED_BODY_PATTERN='SearXNG|Search' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.

  • Jellyfin is qualified:

    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=jellyfin ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser launch passed in panel mode: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=jellyfin ARCHY_APP_TITLE=Jellyfin ARCHY_APP_CARD_TITLE=Jellyfin ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:8096/ ARCHY_EXPECTED_LAUNCH_MODE=panel ARCHY_EXPECTED_BODY_PATTERN='Jellyfin|jellyfin' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.

  • ElectrumX is blocked on .198:

    • Reproduced failure: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=electrumx ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=300 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh stayed absent after install.
    • Backend log shows install was rejected before container creation: electrumx requires an unpruned Bitcoin node while indexing. Current Bitcoin is pruned.
    • Direct Bitcoin RPC confirmed pruned: true, prune_target_size: 576716800, IBD blocks=472928, headers=947914.
    • Disk check showed /var/lib/archipelago has about 384G free, likely not enough for unpruned mainnet plus ElectrumX index. User selected Mark blocked; do not reconfigure Bitcoin on .198 unless explicitly requested.

  • PhotoPrism is pending/blocked on image pull speed:

    • ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=photoprism ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh stayed installing because the container image was still pulling.
    • No photoprism container was created yet; no port 2342 listener.
    • Backend logs show 146.59.87.168:3000/lfg2025/photoprism:240915 timed out after 600s, then git.tx1138.com/lfg2025/photoprism:240915 timed out after 600s, then retry attempt 1/3 restarted the primary registry pull.
    • Treat as image/registry-pull pending rather than app runtime failure unless a later pull completes and the container fails to start.

  • Stuck-installing backend fix deployed after PhotoPrism exposed long pull retries:

    • Backend build deployed to .198: 1f0dd8b9fe801d289557ac050f68011c395374f2b0d5c4677b884d6081612de0.
    • Single-container image pulls now try the configured registry list once with a 300s per-URL timeout instead of repeating the whole list three times with 600s per URL. This turns missing/stalled image pulls into visible failed installs instead of leaving cards in installing for close to an hour.
    • Scanner now removes stale absent transitional entries after TRANSITIONAL_STUCK_TIMEOUT; previously an Installing entry with no container could survive indefinitely after a backend restart or killed pull task.
    • Verified PhotoPrism state recovered to absent with ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=photoprism ARCHY_TIMEOUT=60 ARCHY_STABILITY_SECONDS=1 tests/lifecycle/remote-lifecycle.sh.

  • Nginx Proxy Manager is qualified:

    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=nginx-proxy-manager ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser launch passed as a new-tab app: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=nginx-proxy-manager ARCHY_APP_TITLE='Nginx Proxy Manager' ARCHY_APP_CARD_TITLE='Nginx Proxy Manager' ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:81/ ARCHY_EXPECTED_LAUNCH_MODE=popup ARCHY_EXPECTED_BODY_PATTERN='Nginx|Proxy|Manager|Sign in|Email' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.

  • Portainer is qualified:

    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=portainer ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser launch passed as a new-tab app: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=portainer ARCHY_APP_TITLE=Portainer ARCHY_APP_CARD_TITLE=Portainer ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:9000/ ARCHY_EXPECTED_LAUNCH_MODE=popup ARCHY_EXPECTED_BODY_PATTERN='Portainer|Username|Password|Create administrator' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.

  • Uptime Kuma is blocked on .198:

    • Initial failure was a recipe bug: code overrode the image entrypoint to /usr/bin/dumb-init but did not pass a program, causing repeated dumb-init usage exits.
    • Fixed recipe by passing -- node server/server.js; deployed backend 540aefb2e1d19aa64b7a5da316bf12c1933145d7ea536afedffb6068371a476f.
    • Added install/start/restart listener repair for host port 3002; latest deployed backend is bbcba3f32fab8e11349962f8bb5227ec0374cf36200a768a716c00485dcd121b.
    • Remaining blocker: Uptime Kuma container stays healthy and listens internally on 3001, Podman reports 0.0.0.0:3002->3001/tcp, but ss loses the actual host listener and direct curl returns 000.
    • Manual podman restart uptime-kuma makes 127.0.0.1:3002 return 302 32 for about 105 seconds, then the listener disappears while the container remains healthy. Treat as unstable rootless pasta listener, not an app process crash.

  • Immich is qualified:

    • Backend build deployed to .198: 22c8129b8f4e93b58cce9baef8f9e1d071cb243faf85bee1b56457d48f46bbfc.
    • Root cause of lifecycle failure: container-health was called with app id immich, but the fallback health/status aliases only inspected immich and archy-immich; the stack's real service container is immich_server. The scanner already reports the stack as immich, so state was running while health returned unknown.
    • Code fix: core/archipelago/src/api/rpc/container.rs now includes immich_server in health/status app-id and container-name candidates for immich.
    • Full lifecycle passed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=immich ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=1800 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser launch passed in panel mode from neode-ui: ARCHY_BASE_URL=http://192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APP_ID=immich ARCHY_APP_TITLE=Immich ARCHY_APP_CARD_TITLE=Immich ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:2283/ ARCHY_EXPECTED_LAUNCH_MODE=panel ARCHY_EXPECTED_BODY_PATTERN='Immich|Login|Admin|Photos' npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line.
    • Note: an earlier /tmp/archipelago.new transfer was truncated/mismatched and crashed with SIGSEGV; restored bbcba3f32fab8e11349962f8bb5227ec0374cf36200a768a716c00485dcd121b, recopied verified local release to /tmp/archipelago.local-release, then deployed it successfully.

  • DWN is blocked on missing/unpullable image:

    • Full lifecycle failed: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=dwn ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Failure: dwn did not reach running within 900s (last=absent).
    • Backend journal shows both pull attempts failed before container creation: 146.59.87.168:3000/lfg2025/dwn-server:main and git.tx1138.com/lfg2025/dwn-server:main, ending with Image pull failed from all 2 configured registries.
    • No dwn container or image exists on .198; treat as image/catalog publishing blocker unless a local fallback image is built or registry image is restored.

  • Botfights handoff point:

    • Lifecycle command was started but user interrupted during install while switching computers: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=botfights ARCHY_FULL_LIFECYCLE=1 ARCHY_TIMEOUT=900 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Last visible output before abort: == botfights: install ==.
    • On resume, inspect current botfights state/container/image before rerunning because the backend install task may have continued after the local harness was aborted.

  • Broad .198 audit passed:

    • Command: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • Running/healthy enough for audit: bitcoin-knots, btcpay-server, lnd, mempool, homeassistant, grafana, searxng, nextcloud, vaultwarden, filebrowser, fedimint, indeedhub.
    • Absent and tolerated by audit at the time: ollama, jellyfin, photoprism, immich, nginx-proxy-manager, portainer, uptime-kuma, electrumx, dwn, botfights, gitea.

  • Focused full preserve-data lifecycle passed in this continuation:

    • btcpay-server: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=btcpay-server ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • nextcloud: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=nextcloud ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • mempool: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=mempool ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • homeassistant: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=homeassistant ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • grafana: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=grafana ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • vaultwarden: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=vaultwarden ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • filebrowser: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=filebrowser ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh

  • Focused full preserve-data lifecycle still known-passing from prior handoff: lnd, bitcoin-knots, fedimint, indeedhub.

  • SearXNG regression reproduced:

    • Command failed at install launch probe: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=searxng ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
    • Failure: launch failed: searxng http://192.168.1.198:8888/ status=000 bytes=0.
    • Post-failure state: container searxng is Up ... (healthy) and podman port searxng reports 8080/tcp -> 0.0.0.0:8888, but ss -ltn has no *:8888 listener and both curl http://127.0.0.1:8888/ and curl http://192.168.1.198:8888/ return 000 0.
    • A package.restart temporarily recreated the listener and direct curl returned 200 6316, but the next full lifecycle reinstall reproduced the missing listener.

  • Remaining focused full-lifecycle candidates after this continuation:

    • Blocked on .198: electrumx, uptime-kuma.
    • Pending on image pull: photoprism.
    • Absent apps not yet qualified in this pass: botfights, gitea.
    • Botfights lifecycle attempt was interrupted during install; inspect state first on resume.
    • Blocked on missing image: dwn.
    • Skip ollama until image/manifest/catalog entry is restored.
    • electrumx is absent but was mentioned as a possible follow-up in earlier handoff; run only if it remains in scope.

2026-05-04 IndeedHub And LND Update

  • Latest deployed backend hash observed on .198: 83ad80ec793095f2b19746ad8c3d76ab2e7b57b132e4182a28ea9ff86067908b.
  • Frontend bundle redeployed to /opt/archipelago/web-ui; dashboard Last-Modified: Mon, 04 May 2026 10:15:11 GMT.
  • LND was intentionally switched back to panel/iframe launch per user request:
    • Removed lnd from NEW_TAB_APPS, TAB_LAUNCH_APPS, and NEW_TAB_APP_IDS.
    • Browser panel launch qualification passed against http://192.168.1.198:18083/.
  • IndeedHub is now qualified:
    • Full backend/container lifecycle passed.
    • Browser Launch qualification passed in panel/iframe mode.
    • /nostr-provider.js is served by IndeedHub and contains the NIP-07/NIP-98 bridge markers.

IndeedHub Issues Fixed

  • Stack restart failed because restarted backend containers lost network aliases (minio, postgres, redis, relay, api).
  • Added alias repair for IndeedHub stack restart/start paths:
    • core/archipelago/src/api/rpc/package/stacks.rs
    • core/archipelago/src/api/rpc/package/runtime.rs
    • core/archipelago/src/container/prod_orchestrator.rs
  • The frontend nginx container failed under read-only root with:
    • open() "/run/nginx.pid" failed (30: Read-only file system)
  • Added writable tmpfs mounts for stack-created IndeedHub frontend:
    • /run
    • /var/cache/nginx
  • The boot reconciler raced the async stack installer by recreating the single-container manifest indeedhub:latest while package.install indeedhub was still pulling stack images. This stole the indeedhub container name and caused stack frontend creation to fail.
  • Fixed by marking IndeedHub as stack-managed in ProdContainerOrchestrator::ensure_running_with_mode, so generic manifest reconciliation no longer installs/recreates it.
  • Lifecycle harness now waits for async install transition states to settle before checking running, avoiding stale-container false positives.

Passing Commands

ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=indeedhub ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh

cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=indeedhub \
ARCHY_APP_TITLE=IndeedHub \
ARCHY_APP_CARD_TITLE=IndeedHub \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:7778/ \
ARCHY_EXPECTED_LAUNCH_MODE=panel \
ARCHY_EXPECTED_BODY_PATTERN='Indee|Indeed|Bitcoin|documentary|nostr' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line

cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=lnd \
ARCHY_APP_TITLE=LND \
ARCHY_APP_CARD_TITLE=LND \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:18083/ \
ARCHY_EXPECTED_LAUNCH_MODE=panel \
ARCHY_EXPECTED_BODY_PATTERN='Connect Your Wallet|lndconnect|REST|gRPC|Copy lndconnect URI' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line

Next Recommended Work After IndeedHub

  • Grafana is now qualified:
    • Full backend/container lifecycle passed.
    • Browser Launch qualification passed against http://192.168.1.198:3000/ / /login.
  • Home Assistant is now qualified:
    • Full backend/container lifecycle passed.
    • Browser Launch qualification passed; first-run redirect to /onboarding.html is accepted.
  • SearXNG is now qualified:
    • Full backend/container lifecycle passed.
    • Browser Launch qualification passed in panel/iframe mode against http://192.168.1.198:8888/.
    • Fixed stale rootless pasta listener recovery for port 8888 before install/retry.
    • Fixed manifest image drift by aligning apps/searxng/manifest.yml with package install image 146.59.87.168:3000/lfg2025/searxng:latest; backend restart was required on .198 to reload the deployed manifest.
  • SearXNG recheck after user reported UI not loading:
    • RPC/container state showed running and Podman reported 0.0.0.0:8888->8080/tcp, but ss showed no actual listener and direct curl http://192.168.1.198:8888/ failed.
    • Restarted SearXNG through package.restart, which recreated the rootless port listener on *:8888.
    • Re-ran audit: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=searxng ARCHY_TIMEOUT=180 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh passed.
    • Re-ran browser launch qualification for SearXNG in panel mode; Playwright passed.
  • Ollama is currently blocked/unqualified:
    • ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=ollama ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh failed after install because container-list stayed absent for 900s.
    • No apps/ollama/manifest.yml exists and ollama is absent from app-catalog/catalog.json / neode-ui/public/catalog.json.
    • Confirmed configured image is missing: podman manifest inspect --tls-verify=false 146.59.87.168:3000/lfg2025/ollama:latest returns manifest unknown.
    • This matches CHANGELOG.md v1.7.45 note that Ollama was removed because it hung installs due to no source image in registries.
  • Nextcloud is now qualified:
    • Full backend/container lifecycle passed with preserve-data uninstall/reinstall: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=nextcloud ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser Launch qualification passed as a new-tab app against http://192.168.1.198:8085/.
    • Note: Nextcloud sends X-Frame-Options: SAMEORIGIN; panel/iframe launch leaves an empty iframe body from dashboard origin, so qualify it with ARCHY_EXPECTED_LAUNCH_MODE=popup.
  • Vaultwarden is now qualified:
    • Initial audit found vaultwarden absent by RPC but a stale rootless pasta listener still bound to *:8082; cleared with pkill -f "pasta.*8082" before install.
    • Full backend/container lifecycle passed with preserve-data uninstall/reinstall: ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=vaultwarden ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh.
    • Browser Launch qualification passed as a new-tab app against http://192.168.1.198:8082/.
  • Continue one-by-one lifecycle/browser qualification with jellyfin, photoprism, immich, nginx-proxy-manager, portainer, uptime-kuma, dwn, botfights, and gitea. Skip Ollama until an image/manifest/catalog entry is restored.

2026-05-04 Fedimint Update

  • Latest deployed backend hash observed on .198: cb464ede6625c00f4fa9e8940d933d7a69d29b0537cfabd8da783f0116a0c587.
  • Fedimint Guardian is now qualified under the current release standard:
    • Full backend/container lifecycle passed with preserve-data uninstall/reinstall.
    • Browser Launch qualification passed in panel/iframe mode against http://192.168.1.198:8175/.
  • Root-cause fix: Fedimint image runs as uid 0 inside the rootless container, so its bind-mounted data directory must be host-owned by 1000:1000, not subuid 100000:100000.
  • Implemented ownership repair in core/archipelago/src/container/prod_orchestrator.rs via the Fedimint pre-start/data-dir hook.
  • Passing lifecycle command:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=fedimint ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh
  • Passing browser launch command:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=fedimint \
ARCHY_APP_TITLE='Fedimint Guardian' \
ARCHY_APP_CARD_TITLE='Fedimint Guardian' \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:8175/ \
ARCHY_EXPECTED_LAUNCH_MODE=panel \
ARCHY_EXPECTED_BODY_PATTERN='Fedimint|Guardian|Federation|Mint|Bitcoin' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line
  • Result: 1 passed (11.7s).
  • Note: backend scanner currently reports Fedimint lan_address from the first exposed port (8173), but the frontend app-session mapping correctly launches the UI on 8175.

Next Recommended Work After Fedimint

  • Continue with IndeedHub full lifecycle and browser Launch qualification.

2026-05-04 Mempool Update

  • Latest deployed backend hash on .198: 02d79360df86d653c9e7b06a05bdf039a0454b81a65220dbe16fa57cafeed236.
  • Mempool is now qualified:
    • Full backend/container lifecycle passed.
    • Browser Launch qualification passed in panel/iframe mode.

Mempool Issues Fixed

  • Initial Mempool lifecycle failed after install with bad health: mempool is unknown.
  • Root cause: package id mempool maps to manifest/app id archy-mempool-web with container name mempool; container-health called orchestrator.health("mempool") directly and bypassed alias candidates.
  • Added alias handling in core/archipelago/src/api/rpc/container.rs:
    • mempool / mempool-web status candidates include archy-mempool-web.
    • specific container-health { app_id: "mempool" } now tries alias candidates and direct Podman container-name fallback.
  • After deploy, short audit passed:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=mempool ARCHY_TIMEOUT=60 ARCHY_STABILITY_SECONDS=0 tests/lifecycle/remote-lifecycle.sh
  • Mempool full lifecycle passed:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=mempool ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
  • Result: all checks passed.

Mempool Browser Launch

  • Mempool is an in-panel/iframe app, not a new-tab app.
  • Initial browser test failed because the generic spec expected a popup.
  • Updated neode-ui/e2e/app-launch.spec.ts:
    • ARCHY_EXPECTED_LAUNCH_MODE=panel verifies an app session iframe instead of popup.
    • Card selection now matches a card heading exactly via APP_CARD_TITLE/APP_TITLE, avoiding false matches from description text (ElectrumX description mentions Mempool).
    • Panel iframe selector tolerates source URLs without a trailing slash.
  • Passing command:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=mempool \
ARCHY_APP_TITLE=Mempool \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:4080/ \
ARCHY_EXPECTED_LAUNCH_MODE=panel \
ARCHY_EXPECTED_BODY_PATTERN='Mempool|Bitcoin|Block|Transaction' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line
  • Result: 1 passed (15.8s).

Next Recommended Work After Mempool

  • Continue installed app qualification with electrumx or filebrowser.
  • ElectrumX already had prior focused work but should get the current browser launch standard if not already rerun after these Playwright spec changes.
  • Suggested ElectrumX backend lifecycle:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=electrumx ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
  • Suggested ElectrumX browser launch:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=electrumx \
ARCHY_APP_TITLE=ElectrumX \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:50002/ \
ARCHY_EXPECTED_LAUNCH_MODE=panel \
ARCHY_EXPECTED_BODY_PATTERN='ElectrumX|Connect Your Wallet|50001' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line

2026-05-04 Resume Snapshot

  • Another agent changed the worktree before this session; do not revert unrelated dirty files.
  • .198 service is active, archipelago-doctor.timer inactive, archipelago-reconcile.timer inactive.
  • Latest deployed backend hash on .198: 02d79360df86d653c9e7b06a05bdf039a0454b81a65220dbe16fa57cafeed236.
  • LND remains qualified from prior session: full backend lifecycle passed and browser Launch opens http://192.168.1.198:18083/ with wallet-connect content.
  • BTCPay is now qualified:
    • Full backend/container lifecycle passed after stop-state normalization fix.
    • Browser Launch qualification passed against .198; first-run redirect to /register is accepted.

2026-05-04 Work Completed

  • Rechecked local/remote state after separate-agent work.
  • Ran BTCPay full lifecycle:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=btcpay-server ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
  • Initial BTCPay run failed at stop because BTCPay containers were explicitly stopped, but Podman reports stopped containers as exited; scanner overwrote package state from Stopped to Exited, and the harness waited for stopped.
  • Fixed scanner merge path in core/archipelago/src/server.rs: scanned Exited package entries are normalized to Stopped when the app id is present in /var/lib/archipelago/user-stopped.json via configured data_dir.
  • Rebuilt and deployed backend to .198; new hash 6bd9db024ab37017cadd684cb3296c6adbcf290ac27e1238a6bf1e7c0f883e3e.
  • Verified BTCPay then reports state=stopped after explicit stop.
  • Reran BTCPay full lifecycle; result: all checks passed.
  • Updated neode-ui/e2e/app-launch.spec.ts to support app-specific URL/body regexes:
    • ARCHY_EXPECTED_LAUNCH_URL_PATTERN
    • ARCHY_EXPECTED_BODY_PATTERN
  • Ran BTCPay browser launch qualification:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=btcpay-server \
ARCHY_APP_TITLE=BTCPay \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:23000/ \
ARCHY_EXPECTED_LAUNCH_URL_PATTERN='^http://192\.168\.1\.198:23000/(register)?$' \
ARCHY_EXPECTED_BODY_PATTERN='BTCPay|Create.*account|Register|Store' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line
  • Result: 1 passed (10.3s).

Next Recommended Work

  • Mempool is now complete. Continue app-by-app qualification with ElectrumX or File Browser.
  • Prior suggested Mempool command, now passing:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=mempool ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
  • If Mempool backend lifecycle passes, run browser launch qualification:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=mempool \
ARCHY_APP_TITLE=Mempool \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:4080/ \
ARCHY_EXPECTED_BODY_PATTERN='Mempool|Bitcoin|Block|Transaction' \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line

Updated Resume Prompt

Resume Archipelago container lifecycle hardening from /home/archipelago/Projects/archy. Read docs/CONTAINER_LIFECYCLE_HANDOFF.md first. Remote node is 192.168.1.198, SSH key /home/archipelago/.ssh/id_ed25519, ARCHY_PASSWORD=password123. Preserve data unless explicitly told otherwise. Keep archipelago-doctor.timer and archipelago-reconcile.timer paused. Do not revert unrelated dirty worktree changes because another agent has been working too. LND, BTCPay, and Mempool now have full backend lifecycle plus browser Launch qualification passing. Latest deployed backend hash on .198 is 02d79360df86d653c9e7b06a05bdf039a0454b81a65220dbe16fa57cafeed236. Continue with the next installed app, likely ElectrumX or File Browser, using full lifecycle and then Playwright browser launch qualification.

2026-05-03 Resume Snapshot

  • Remote node under test: 192.168.1.198.
  • SSH key: /home/archipelago/.ssh/id_ed25519.
  • Lifecycle password: ARCHY_PASSWORD=password123.
  • Current qualification target: BTCPay full lifecycle. LND user-facing launch flow is now qualified.
  • Do not proceed to broad release/audit until app launch qualification includes a real browser click/open-tab check, not just backend/direct-port curl.
  • Preserve data during lifecycle testing unless explicitly told otherwise.
  • Legacy timers should remain paused during deterministic qualification: archipelago-doctor.timer and archipelago-reconcile.timer inactive/disabled.

Latest Deployed State On .198

  • Backend deployed to /usr/local/bin/archipelago; service observed active.
  • Latest backend hash observed on .198: abbd9fa4e6beace75f590c1988a1904b9de62b4b21fade1291926ac039c4747b.
  • Frontend bundle was rebuilt with LND new-tab config and deployed to /opt/archipelago/web-ui.
  • Dashboard entrypoint at http://192.168.1.198/ returns 200 and fresh Last-Modified: Sun, 03 May 2026 20:09:08 GMT.
  • Dashboard CSP allows direct app ports via connect-src ... http://192.168.1.198:* and frame-src ... http://192.168.1.198:*.
  • LND direct UI still works from the test environment:
curl -fsS -D - http://192.168.1.198:18083/ -o /tmp/opencode/lnd-ui.html

Expected: HTTP/1.1 200 OK, wallet-connect page content including Connect Your Wallet, lndQrBox, rest-tor, grpc-tor, and Copy lndconnect URI.

LND Status

  • Backend/container lifecycle for LND passed after the latest backend changes:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
  • Result: all checks passed through install, stop, start, restart, preserve-data uninstall, reinstall.
  • Direct LND UI is reachable at http://192.168.1.198:18083/.
  • Product/UI launch is now qualified by Playwright against .198. User previously saw browser launch failures (refused to connect / This site can't be reached), but the deployed frontend/backend now open the direct LND UI URL successfully.
  • Frontend changes intended to fix this:
    • neode-ui/src/views/appSession/appSessionConfig.ts: lnd added to NEW_TAB_APPS.
    • neode-ui/src/views/apps/appsConfig.ts: lnd added to TAB_LAUNCH_APPS.
    • neode-ui/src/stores/appLauncher.ts: lnd added to NEW_TAB_APP_IDS.

Browser-Level Launch Check Added

  • Added neode-ui/e2e/app-launch.spec.ts as a reusable Playwright qualification test.
  • Intended run command:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=lnd \
ARCHY_APP_TITLE=LND \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:18083/ \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line
  • Current result: passing against .198.
  • Passing command:
cd /home/archipelago/Projects/archy/neode-ui
ARCHY_BASE_URL=http://192.168.1.198 \
ARCHY_PASSWORD=password123 \
ARCHY_APP_ID=lnd \
ARCHY_APP_TITLE=LND \
ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:18083/ \
npx playwright test e2e/app-launch.spec.ts --config=playwright.config.ts --project=chromium --reporter=line
  • Result: 1 passed (12.3s).
  • The test clicks the real My Apps Launch button, waits for the popup, verifies URL http://192.168.1.198:18083/, and checks wallet-connect text in the popup body.

New Root-Cause Findings To Continue

  • AppDetails can render App Not Found before package data has arrived. The route still does not wait for the WebSocket initial package snapshot; the launch qualification now uses My Apps card launch, which matches user behavior.
  • server.get-state frontend call was broken against the deployed backend:
RPC method: server.get-state
RPC error on server.get-state: Unknown method: server.get-state
  • Fixed by adding server.get-state dispatch support in core/archipelago/src/api/rpc/dispatcher.rs and deploying the new backend to .198.
  • Verified browser-authenticated server.get-state returns hasLnd=true, status=200, error=null.
  • WebSocket initial data still works; logs showed WebSocket /ws/db connected and initial state dumps.
  • Earlier browser-test failures were due to wrong Playwright baseURL defaulting to .228 and/or empty package state on that node, not LND direct UI reachability.
  • Direct unauthenticated container-list is allowed by auth rules, but authenticated browser calls without CSRF fail with 403; the Playwright test should not rely on raw RPC calls without CSRF unless using exempt read-only methods.

Immediate Resume Steps

  1. Proceed to BTCPay full lifecycle:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=btcpay-server ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh

  1. If BTCPay passes backend lifecycle, add/run browser-level launch qualification for BTCPay using the same Playwright spec with ARCHY_APP_ID=btcpay-server, ARCHY_APP_TITLE=BTCPay, and ARCHY_EXPECTED_LAUNCH_URL=http://192.168.1.198:23000/.

  2. Fix stale boot_reconciler unit tests for existing-only production behavior if running the full backend test suite.

Verification Commands Before Resuming

ssh -i /home/archipelago/.ssh/id_ed25519 -o StrictHostKeyChecking=no archipelago@192.168.1.198 'systemctl is-active archipelago.service; systemctl is-active archipelago-doctor.timer 2>/dev/null || true; systemctl is-active archipelago-reconcile.timer 2>/dev/null || true; podman ps -a --format "{{.Names}} {{.Status}} {{.Ports}}" | egrep "lnd|btcpay|nbxplorer|bitcoin|electrs" || true'

curl -fsS -D - http://192.168.1.198:18083/ -o /tmp/opencode/lnd-ui.html

Files Touched In This Latest Session

  • neode-ui/e2e/app-launch.spec.ts: new parameterized Playwright launch qualification spec.
  • neode-ui/playwright.config.ts: baseURL can now be overridden with ARCHY_BASE_URL.
  • core/archipelago/src/api/rpc/dispatcher.rs: added server.get-state dispatch handler.
  • neode-ui/src/views/appSession/appSessionConfig.ts: LND forced new-tab session behavior.
  • neode-ui/src/views/apps/appsConfig.ts: LND marked as tab-launch app.
  • neode-ui/src/stores/appLauncher.ts: LND forced new-tab from legacy/open URL path.
  • docs/CONTAINER_LIFECYCLE_HANDOFF.md: this handoff update.

Still Dirty / Important

  • Worktree is dirty with many lifecycle/backend/frontend changes and untracked files. Do not revert other changes.
  • git status --short currently includes untracked tests/lifecycle/remote-lifecycle.sh, core/archipelago/src/container/lnd.rs, neode-ui/e2e/app-launch.spec.ts, and this handoff doc.
  • No commit was created.

Resume Prompt

Use this prompt in a fresh remote session:

Resume Archipelago lifecycle hardening from /home/archipelago/Projects/archy. Read docs/CONTAINER_LIFECYCLE_HANDOFF.md first. Current remote node is 192.168.1.198, SSH key /home/archipelago/.ssh/id_ed25519, ARCHY_PASSWORD=password123. LND backend lifecycle and browser launch qualification are now passing; latest deployed backend hash on .198 is abbd9fa4e6beace75f590c1988a1904b9de62b4b21fade1291926ac039c4747b. Continue with BTCPay full lifecycle, then add/run the same browser launch qualification for BTCPay. Preserve data unless explicitly told otherwise, keep doctor/reconcile timers paused, and do not revert unrelated dirty worktree changes.

Operator Snapshot

  • Plan: harden app/container lifecycle before release using strict lifecycle tests and app-specific probes.
  • Current target: run broad .198 audit after focused fixes for LND, Bitcoin Knots, Fedimint, and IndeedHub.
  • LND status on .198: strict audit and full preserve-data lifecycle passed on 2026-05-02.
  • Bitcoin Knots status on .198: full preserve-data lifecycle passed on 2026-05-02.
  • Fedimint status on .198: full preserve-data lifecycle passed on 2026-05-02.
  • IndeedHub status on .198: full preserve-data lifecycle passed on 2026-05-02.
  • Last known local status: focused lifecycle/orchestrator/container unit tests pass and release build succeeds.
  • Do not release until broad audit and app-specific UI probes pass.

Goal

Harden and verify Archipelago app/container lifecycle before release. Required coverage is install, launch, stop, start, restart, uninstall with preserve_data=true, reinstall, and launch again. UI checks must validate app-specific functionality, not only HTTP 200.

Current Focus

Run broad lifecycle audit on node 192.168.1.198, then continue app-by-app for any installed package that is non-running or unhealthy. LND, Bitcoin Knots, Fedimint, and IndeedHub have each passed focused strict lifecycle validation.

Strict LND criteria:

  • lnd container reaches running.
  • archy-lnd-ui companion serves /app/lnd/.
  • LND wallet is initialized or unlocked non-interactively.
  • /var/lib/archipelago/lnd/data/chain/bitcoin/mainnet/admin.macaroon exists.
  • /lnd-connect-info returns certificate, macaroon, REST/gRPC ports, and Tor onion.
  • LND UI contains all connection modes: REST local, REST Tor, gRPC local, gRPC Tor.
  • QR/connect controls are present and backed by real connection info.

Important Nodes

  • .198: SSH works with /home/archipelago/.ssh/id_ed25519.
  • .228: RPC works, SSH still blocked with Permission denied (publickey,password).

Test Harness

Primary remote harness:

ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd tests/lifecycle/remote-lifecycle.sh
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh

Harness changes made:

  • Normalizes package states with ascii_downcase because API can return Running.
  • Audit mode allows absent, fails installed non-running states.
  • Full lifecycle uses preserve-data uninstall.
  • LND probe checks DOM, all four connection modes, /lnd-connect-info, macaroon/cert lengths, REST/gRPC ports, and Tor onion.
  • Electrum probe now checks local and Tor QR containers/fields, qrcode.js, and /electrs-status Tor onion.
  • Added ARCHY_STABILITY_SECONDS observation window, default 15, so a single running snapshot is not enough.
  • Audit/full lifecycle now call container-health after install/start/restart/reinstall and fail anything other than healthy.
  • Focused validation passed for LND, Bitcoin Knots, Fedimint, and IndeedHub.

Implemented Backend Changes

Lifecycle/Reconcile

  • core/archipelago/src/server.rs
    • Scanner merge now recovers stale Removing -> Running if the container is actually live.
    • Added stale-removing recovery test.
  • core/archipelago/src/main.rs
    • Crash recovery now runs synchronously before BootReconciler.
  • core/archipelago/src/bootstrap.rs
    • Removed automatic deletion of /run/user/1000/{containers,libpod} when podman info fails.
  • core/archipelago/src/crash_recovery.rs
    • Generic boot recovery narrowed to safe containers only.
  • core/archipelago/src/container/prod_orchestrator.rs
    • Uninstall disables manifests rather than deleting manifest availability.
    • Explicit reinstall re-enables disabled manifests.
    • LND pre-start writes/repairs config.
    • LND post-start initializes/unlocks wallet in production.
    • Post-start hook is skipped in cfg(test) so unit tests do not mutate host LND state.
    • stop disables desired-state reconcile until explicit start.
    • Reconciler respects /var/lib/archipelago/user-stopped.json across daemon restarts.
    • Start path recreates containers when stale rootless Podman runtime state prevents startup.
  • core/archipelago/src/api/rpc/package/install.rs
    • Install reconciles companion UIs synchronously.
  • core/archipelago/src/api/rpc/package/runtime.rs
    • Start/restart reconcile companions.
    • Missing known companion containers are tolerated during stop/restart.
  • core/archipelago/src/health_monitor.rs
    • Added Bitcoin variant conflict guard for auto-restart: bitcoin-core and bitcoin-knots can both be installed, but the monitor must not auto-start one into default 8332/8333 while the other is already running.
    • Added unit tests for the conflict guard.
  • core/archipelago/src/api/rpc/package/install.rs
    • Removed install-time hard block between bitcoin-core and bitcoin-knots; users may install both. Runtime still needs alternate ports or one inactive variant to run both simultaneously.
  • core/archipelago/src/api/rpc/package/config.rs
    • Bitcoin variant container resolution is precise, so package operations for one variant do not target the other.
  • core/container/src/podman_client.rs
    • Custom network containers now receive container-name DNS aliases.
    • Containers get host.archipelago:10.89.0.1 for host RPC access from rootless networks.
  • apps/fedimint/manifest.yml and apps/fedimint-gateway/manifest.yml
    • Fedimint data owner fixed to 1000:1000.
    • Bitcoin RPC host changed to http://host.archipelago:8332.

Companions

  • core/archipelago/src/container/companion.rs
    • LND UI uses bridge networking, not host networking.
    • LND UI moved from host 8081 to host 18083 to avoid nostr-rs-relay conflict.
    • Test updated to expect 18083:80.
  • Routing/metadata moved LND UI to 18083:
    • apps/lnd-ui/manifest.yml
    • core/archipelago/src/container/docker_packages.rs
    • core/container/src/podman_client.rs
    • core/archipelago/src/port_allocator.rs
    • neode-ui/src/views/appSession/appSessionConfig.ts
    • neode-ui/src/stores/container.ts
    • neode-ui/src/stores/appLauncher.ts
    • neode-ui/src/views/appDetails/appDetailsData.ts
    • nginx snippets/configs for /app/lnd/ now proxy to 127.0.0.1:18083.

LND

  • New/expanded core/archipelago/src/container/lnd.rs.
  • ensure_config() writes required Bitcoin backend flags:
    • bitcoin.active=true
    • bitcoin.mainnet=true
    • bitcoin.node=bitcoind
    • bitcoind.rpchost=bitcoin-knots:8332
  • Handles permission denied writing lnd.conf via sudo.
  • ensure_wallet_initialized() now:
    • Checks wallet/macaroons via sudo-aware helpers because LND data is container-owned 0700.
    • Uses REST unlocker GET /v1/genseed and POST /v1/initwallet for new wallets.
    • Falls back to lncli unlock --stdin if wallet already exists.
    • Uses sudo-aware read for macaroon when checking /v1/getinfo readiness.

Verified Locally

Recent focused test passes:

cd /home/archipelago/Projects/archy/core
cargo test -p archipelago --bin archipelago health_monitor
cargo test -p archipelago --bin archipelago prod_orchestrator
cargo test -p archipelago --bin archipelago bitcoin_variant_container_names_are_precise
cargo test -p archipelago-container podman_network_settings_uses_networks_map_for_custom_networks
bash -n ../tests/lifecycle/remote-lifecycle.sh

Release build succeeds:

cd /home/archipelago/Projects/archy/core
cargo build -p archipelago --bin archipelago --release

.198 Current State

Recent deployment:

  • Built release binary with sudo-aware LND wallet checks and LND UI port 18083.
  • Deployed to /usr/local/bin/archipelago on .198 with backup.
  • Restarted archipelago.service; it returned active.
  • nginx on .198 was already updated so /app/lnd/ proxies to 127.0.0.1:18083.

Known .198 observations:

  • LND wallet artifacts exist after previous bootstrap:
    • /var/lib/archipelago/lnd/data/chain/bitcoin/mainnet/admin.macaroon
    • /var/lib/archipelago/lnd/data/chain/bitcoin/mainnet/wallet.db
  • nostr-rs-relay occupies 8081; LND UI must stay on 18083.
  • LND strict audit passed on 2026-05-02:
    • ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd tests/lifecycle/remote-lifecycle.sh
  • LND full preserve-data lifecycle passed on 2026-05-02:
    • ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh
  • Final observed state after LND lifecycle:
    • archipelago.service active.
    • nginx active.
    • lnd running on 8080, 9735, and 10009.
    • archy-lnd-ui running on 18083.
    • archy-electrs-ui running and 50002 listening.
  • Active default Bitcoin backend is currently bitcoin-knots; bitcoin-core is installed but user-stopped.
  • /var/lib/archipelago/user-stopped.json should include bitcoin-core so daemon restart does not resurrect it into a default-port conflict.
  • Fedimint fixed issues:
    • stale rootless Podman runtime storage was handled by recreate-on-start-failure path.
    • data ownership fixed for gateway and federation DB lock files.
    • Bitcoin RPC DNS fixed via host.archipelago host alias.
  • IndeedHub full lifecycle passed after forcing the dedicated stack installer path, which removes stale stack containers and recreates network aliases and volumes.

Focused Remote Passes

ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=bitcoin-knots ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=fedimint ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=indeedhub ARCHY_FULL_LIFECYCLE=1 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh

Result for each focused run: all checks passed.

Immediate Next Steps

  1. Run broad audit:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_STABILITY_SECONDS=5 tests/lifecycle/remote-lifecycle.sh

  1. Continue app-by-app for any installed package that broad audit reports as non-running or unhealthy.

  2. Resume Electrum full lifecycle with strict Tor/QR checks if Electrum remains in scope. Previous run was user-aborted during electrumx: install:

ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=electrumx ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh
  1. If Electrum fails, capture current service and port state:
ssh -i /home/archipelago/.ssh/id_ed25519 -o StrictHostKeyChecking=no archipelago@192.168.1.198 'systemctl is-active archipelago.service; systemctl is-active nginx; ss -ltn | grep -E ":(50001|50002|18083|8081|8080|10009|9735)" || true; podman ps -a --format "{{.Names}} {{.Status}} {{.Ports}}" | egrep "electrs|electrum|lnd|nostr" || true'
  1. LND commands that passed and can be rerun as a regression check:
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd tests/lifecycle/remote-lifecycle.sh
ARCHY_HOST=192.168.1.198 ARCHY_PASSWORD=password123 ARCHY_APPS=lnd ARCHY_FULL_LIFECYCLE=1 tests/lifecycle/remote-lifecycle.sh
  1. If /app/lnd/ regresses to 502, inspect companion unit and logs:
ssh -i /home/archipelago/.ssh/id_ed25519 -o StrictHostKeyChecking=no archipelago@192.168.1.198 'systemctl --user status archy-lnd-ui.service --no-pager -l 2>&1 | sed -n "1,160p"; test -f ~/.config/containers/systemd/archy-lnd-ui.container && sed -n "1,160p" ~/.config/containers/systemd/archy-lnd-ui.container || true; journalctl --user -u archy-lnd-ui.service -n 160 --no-pager 2>&1 | sed -n "1,160p"'
  1. If package.stop lnd regresses and does not stop the container, inspect runtime stop path in:
  • core/archipelago/src/api/rpc/package/runtime.rs
  • core/archipelago/src/container/prod_orchestrator.rs

Likely issue: state scanner/reconciler or companion handling re-starts LND during stop/uninstall, or stop path waits on package state while container is being reconciled.

Previously Fixed Live Issues On .198

  • stale fedimint=removing recovered.
  • orphaned filebrowser rootlessport on 8083 cleared.
  • orphaned bitcoin-core rootlessport on 8332/8333 cleared.
  • LND missing bitcoin.active/backend config fixed.
  • LND config permission denied fixed via sudo write.
  • Companion start/restart race mostly fixed by synchronous companion reconciliation.
  • Bitcoin Core/Knots install-time conflict removed while preserving runtime default-port safety.
  • Bitcoin Core unintended resurrection after daemon restart fixed through persistent user-stopped state.
  • Fedimint DB lock permission errors fixed through 1000:1000 data ownership.
  • Fedimint Bitcoin RPC DNS errors fixed through host.archipelago.
  • IndeedHub stale stopped stack fixed by reinstalling through the dedicated stack installer.

Do Not Forget

  • Do not release until strict lifecycle and app-specific UI probes pass.
  • Preserve data during destructive lifecycle testing unless explicitly instructed otherwise.
  • Do not revert user/other-agent worktree changes.
  • .228 still needs SSH fixed or must be tested RPC/UI-only.